Alerts This Week
Warning Icon 1 537
Alerts This Week
Warning Icon 1 537

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -6 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraman-in-the-middle

Fedora 43 nginx-mod-headers-more Update CVE-2026-1642 Fix

nginx-mod-naxsi: Rebuild for 1.28.2 nginx-mod-brotli: Rebuild for 1.28.2 nginx-mod-fancyindex:. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-cd0705c6a7 2026-02-15 01:10:21.966685+00:00 -------------------------------------------------------------------------------- Name : nginx-mod-headers-more Product : Fedora 43 Version : 0.39 Release : 6.fc43 URL : https://github.com/openresty/headers-more-nginx-module Summary : This module allows adding, setting, or clearing specified input/output headers Description : This module allows adding, setting, or clearing specified input/output headers. This is an enhanced version of the standard headers module because it provides more utilities like resetting or clearing "builtin headers" like Content-Type, Content-Length, and Server. -------------------------------------------------------------------------------- Update Information: nginx-mod-naxsi: Rebuild for 1.28.2 nginx-mod-brotli: Rebuild for 1.28.2 nginx-mod-fancyindex: Rebuild for 1.28.2 nginx-mod-modsecurity: Rebuild for 1.28.2 nginx-mod-headers-more: Rebuild for 1.28.2 nginx-mod-vts: Rebuild for 1.28.2 nginx: Update to 1.28.2 fixes CVE-2026-1642 move log directory to nginx-filesystem subpackage (PR#20) delete Maxim Dounin's key, it's no longer listed on the nginx website -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 4 2026 Felix Kaechele - 0.39-6 - Rebuild for 1.28.2 * Fri Jan 16 2026 Fedora Release Engineering - 0.39-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2436871 - CVE-2026-1642 nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2436871 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-cd0705c6a7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Addressing CVE-2026-1642 with nginx-mod-headers-more module update for Fedora 43 resolves potential man-in-the-middle threats.. nginx security,Fedora updates,CVE-2026-1642,nginx headers management. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 15, 2026 Important Fedora
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorynetwork threatheader manipulation

Ubuntu 22.04 & 20.04: USN-7031-2 critical: Puma header overwrite

Puma could be made to overwrite headers if it received specially crafted network traffic.. ========================================================================== Ubuntu Security Notice USN-7031-2 September 24, 2024 puma vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Puma could be made to overwrite headers if it received specially crafted network traffic. Software Description: - puma: threaded HTTP 1.1 server for Ruby/Rack applications Details: USN-7031-1 fixed CVE-2024-45614 in Puma for Ubuntu 24.04 LTS. This update fixes the CVE for Ubuntu 22.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to overwrite header values set by intermediate proxies by providing duplicate headers containing underscore characters. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS puma 5.5.2-2ubuntu2+esm2 Available with Ubuntu Pro Ubuntu 20.04 LTS puma 3.12.4-1ubuntu2+esm2 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7031-2 https://ubuntu.com/security/notices/USN-7031-1 CVE-2024-45614 . The Ubuntu Security Notice USN-7031-2 addresses a vulnerability concerning Puma's header handling, impacting several distributions along with steps for corrective measures.. Puma Security, Ubuntu Updates, Network Traffic Issue, Header Overwrite. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 24, 2024 Critical Ubuntu
Banner 1 1028x280 1708121660 1771599717
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorymoderatered hat

Red Hat: RHSA-2003:029-06 Moderate: Lynx Header Manipulation Risk

Updated lynx packages are available that fix an error in the way lynxparses its command line arguments, which can lead to faked headers beingsent to a web server.. --------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated lynx packages fix CRLF injection vulnerability Advisory ID: RHSA-2003:029-06 Issue date: 2003-01-28 Updated on: 2003-02-12 Product: Red Hat Linux Keywords: lynx CRLF Cross references: Obsoletes: CVE Names: CAN-2002-1405 --------------------------------------------------------------------- 1. Topic: Updated lynx packages are available that fix an error in the way lynx parses its command line arguments, which can lead to faked headers being sent to a web server. 2. Relevant releases/architectures: Red Hat Linux 6.2 - i386 Red Hat Linux 7.0 - i386 Red Hat Linux 7.1 - i386 Red Hat Linux 7.2 - i386, ia64 Red Hat Linux 7.3 - i386 Red Hat Linux 8.0 - i386 3. Problem description: Lynx is a character-cell Web browser, suitable for running on terminals such as VT100. Lynx constructs its HTTP queries from the command line (or WWW_HOME environment variable) without regard to special characters such as carriage returns or linefeeds. When given a URL containing such special characters, extra headers could be inserted into the request. This could cause scripts using lynx to fetch data from the wrong site from servers with virtual hosting. Users of Lynx are advised to upgrade to these erratum packages, which contain a patch to correct this isssue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not beupdated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. RPMs required: Red Hat Linux 6.2: SRPMS: i386: Red Hat Linux 7.0: SRPMS: i386: Red Hat Linux 7.1: SRPMS: i386: Red Hat Linux 7.2: SRPMS: i386: ia64: Red Hat Linux 7.3: SRPMS: i386: Red Hat Linux 8.0: SRPMS: i386: 6. Verification: MD5 sum Package Name -------------------------------------------------------------------------- ee2ec726b41f93d3787abbcf2760cdfe 6.2/en/os/SRPMS/lynx-2.8.3-2.1.src.rpm 4f8b6cafe29d38e498e8d495ec687e8d 6.2/en/os/i386/lynx-2.8.3-2.1.i386.rpm 2ef0ea9eaacd3745869855b3e09b3094 7.0/en/os/SRPMS/lynx-2.8.4-9.1.src.rpm fdf7f4ede3587e9ee9bad3b722da5f0e 7.0/en/os/i386/lynx-2.8.4-9.1.i386.rpm 2ef0ea9eaacd3745869855b3e09b3094 7.1/en/os/SRPMS/lynx-2.8.4-9.1.src.rpm fdf7f4ede3587e9ee9bad3b722da5f0e 7.1/en/os/i386/lynx-2.8.4-9.1.i386.rpm 45dbab8b692beafc8e9bfb367bc37892 7.2/en/os/SRPMS/lynx-2.8.4-18.1.src.rpm da2e0cc072fe3f313a4cd1ba1d2a9229 7.2/en/os/i386/lynx-2.8.4-18.1.i386.rpm c9f787ae94edc0182b015524593f82a7 7.2/en/os/ia64/lynx-2.8.4-18.1.ia64.rpm 45dbab8b692beafc8e9bfb367bc37892 7.3/en/os/SRPMS/lynx-2.8.4-18.1.src.rpm da2e0cc072fe3f313a4cd1ba1d2a9229 7.3/en/os/i386/lynx-2.8.4-18.1.i386.rpm 6e0af76d0632ec353555843a84bb2a02 8.0/en/os/SRPMS/lynx-2.8.5-7.1.src.rpm 96fd9d05a357e6a0d11d5a2916b90485 8.0/en/os/i386/lynx-2.8.5-7.1.i386.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at About You can verify each package with the following command: rpm --checksig -v If you only wish to verify that each package has not beencorrupted or tampered with, examine only the md5sum with the following command: md5sum 7. References: bugtraq@securityfocus.com/msg08897.html''> https:// This email address is being protected from spambots. You need JavaScript enabled to view it. /msg08897.html CVE -CVE-2002-1405 8. Contact: The Red Hat security contact is . More contact details at All Red Hat products Copyright 2003 Red Hat, Inc. . Updated lynx packages by Red Hat fix CRLF injection threats, enhancing request security against header spoofing.. Lynx Security Advisory, Red Hat Package Update, CRLF Injection Fix. . LinuxSecurity.com Team

Calendar 2 Feb 12, 2003 Red Hat
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here